Initial helm deploy

.github/scripts/validate-deploy.sh

@@ -3,7 +3,7 @@
 GIT_REPO=$(cat git_repo)
 GIT_TOKEN=$(cat git_token)
 
-BIN_DIR=$(cat .bin_dir)
+#BIN_DIR=$(cat .bin_dir)
 
 export PATH="${BIN_DIR}:${PATH}"
 
@@ -25,6 +25,11 @@ SERVER_NAME=$(jq -r '.server_name // "default"' gitops-output.json)
 LAYER=$(jq -r '.layer_dir // "2-services"' gitops-output.json)
 TYPE=$(jq -r '.type // "base"' gitops-output.json)
 
+APPNAME=$(jq -r '.appname // "manage"' gitops-output.json)
+WSNAME=$(jq -r '.ws_name // "demo"' gitops-output.json)
+INSTNAME=$(jq -r '.inst_name // "masdemo"' gitops-output.json)
+
+
 mkdir -p .testrepo
 
 git clone https://${GIT_TOKEN}@${GIT_REPO} .testrepo
@@ -41,11 +46,6 @@ fi
 echo "Printing argocd/${LAYER}/cluster/${SERVER_NAME}/${TYPE}/${NAMESPACE}-${COMPONENT_NAME}.yaml"
 cat "argocd/${LAYER}/cluster/${SERVER_NAME}/${TYPE}/${NAMESPACE}-${COMPONENT_NAME}.yaml"
 
-if [[ ! -f "payload/${LAYER}/namespace/${NAMESPACE}/${COMPONENT_NAME}/values.yaml" ]]; then
-  echo "Application values not found - payload/${LAYER}/namespace/${NAMESPACE}/${COMPONENT_NAME}/values.yaml"
-  exit 1
-fi
-
 echo "Printing payload/${LAYER}/namespace/${NAMESPACE}/${COMPONENT_NAME}/values.yaml"
 cat "payload/${LAYER}/namespace/${NAMESPACE}/${COMPONENT_NAME}/values.yaml"
 
@@ -64,21 +64,71 @@ else
   sleep 30
 fi
 
-DEPLOYMENT="${COMPONENT_NAME}-${BRANCH}"
 count=0
-until kubectl get deployment "${DEPLOYMENT}" -n "${NAMESPACE}" || [[ $count -eq 20 ]]; do
-  echo "Waiting for deployment/${DEPLOYMENT} in ${NAMESPACE}"
+until kubectl get deployment ibm-mas-manage-operator -n ${NAMESPACE} || [[ $count -eq 30 ]]; do
+  echo "Waiting for deployment/ibm-mas-manage-operator in ${NAMESPACE}"
   count=$((count + 1))
-  sleep 15
+  sleep 60
 done
 
-if [[ $count -eq 20 ]]; then
-  echo "Timed out waiting for deployment/${DEPLOYMENT} in ${NAMESPACE}"
+if [[ $count -eq 30 ]]; then
+  echo "Timed out waiting for deployment/ibm-mas-manage-operator in ${NAMESPACE}"
+  kubectl get all -n "${NAMESPACE}"
+  exit 1
+fi
+
+## workspace rollout 
+count=0
+until kubectl get deployment ${INSTNAME}-entitymgr-ws -n ${NAMESPACE} || [[ $count -eq 50 ]]; do
+  echo "Waiting for deployment/${INSTNAME}-entitymgr-ws in ${NAMESPACE}"
+  count=$((count + 1))
+  sleep 60
+done
+
+if [[ $count -eq 50 ]]; then
+  echo "Timed out waiting for deployment/${APPNAME}-entitymgr-ws in ${NAMESPACE}"
+  kubectl get all -n "${NAMESPACE}"
+  exit 1
+fi
+
+kubectl get deployments -n ${NAMESPACE}
+
+## maxinst deployment must succeed or nothing will work - this can take up to 4.5hrs if demo data is deployed too
+count=0
+until kubectl get deployment ${WSNAME}-manage-maxinst -n ${NAMESPACE} || [[ $count -eq 200 ]]; do
+  echo "Waiting for deployment/${WSNAME}-manage-maxinst in ${NAMESPACE}"
+  count=$((count + 1))
+  sleep 1m
+done
+
+if [[ $count -eq 200 ]]; then
+  echo "Timed out waiting for deployment/${WSNAME}-manage-maxinst in ${NAMESPACE}"
   kubectl get all -n "${NAMESPACE}"
   exit 1
 fi
 
-kubectl rollout status "deployment/${DEPLOYMENT}" -n "${NAMESPACE}" || exit 1
+
+kubectl get deployments -n ${NAMESPACE}
+
+## last test for all deploy
+count=0
+until kubectl get deployment ${WSNAME}-all -n ${NAMESPACE} || [[ $count -eq 200 ]]; do
+  echo "Waiting for deployment/${WSNAME}-all in ${NAMESPACE}"
+  count=$((count + 1))
+  sleep 1m
+done
+
+if [[ $count -eq 200 ]]; then
+  echo "Timed out waiting for deployment/${WSNAME}-all in ${NAMESPACE}"
+  kubectl get all -n "${NAMESPACE}"
+  exit 1
+fi
+
+
+kubectl get deployments -n ${NAMESPACE}
+
+
+
 
 cd ..
 rm -rf .testrepo

.github/workflows/verify-pr.yaml

@@ -10,9 +10,10 @@ on:
 jobs:
   verify:
     if: ${{ !contains( github.event.pull_request.labels.*.name, 'skip ci' ) }}
-    uses: cloud-native-toolkit/action-workflows/.github/workflows/verify-gitops-module.yaml@v1
+    #uses: cloud-native-toolkit/action-workflows/.github/workflows/verify-gitops-module.yaml@v1
+    uses: ./.github/workflows/verify-workflow.yaml
     with:
-      testcase: ocp4_latest_gitops
+      testcase: ocp4_latest_gitops_maximo
     secrets:
       GIT_ORG: ${{ secrets.GIT_ORG }}
       AWS_CLUSTER_USERNAME: ${{ secrets.AWS_CLUSTER_USERNAME }}
@@ -21,6 +22,12 @@ jobs:
       GIT_ADMIN_USERNAME: ${{ secrets.GIT_ADMIN_USERNAME }}
       GIT_ADMIN_TOKEN: ${{ secrets.GIT_ADMIN_TOKEN }}
       CP_ENTITLEMENT_KEY: ${{ secrets.CP_ENTITLEMENT_KEY }}
+      DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }}
+      DATABASE_USERNAME: ${{ secrets.DATABASE_USERNAME }}
+      DATABASE_CERT: ${{ secrets.DATABASE_CERT }}
+      DATABASE_URL: ${{ secrets.DATABASE_URL }}
+      CRYPTO_KEY: ${{ secrets.CRYPTO_KEY }}
+      CRYPTOX_KEY: ${{ secrets.CRYPTOX_KEY }}
 
   verifyMetadata:
     uses: cloud-native-toolkit/action-workflows/.github/workflows/verify-module-metadata.yaml@v1

.github/workflows/verify-workflow.yaml

@@ -0,0 +1,137 @@
+name: Verify
+
+# Controls when the action will run. Triggers the workflow on push or pull request
+# events but only for the main branch
+on:
+  workflow_call:
+    inputs:
+      testcase:
+        required: true
+        type: string
+        default: ocp4_latest_gitops_maximo
+      skipDestroy:
+        required: false
+        type: string
+        default: "false"
+    secrets:
+      GIT_ORG:
+        required: false
+      AWS_CLUSTER_USERNAME:
+        required: true
+      AWS_CLUSTER_PASSWORD:
+        required: true
+      IBMCLOUD_API_KEY:
+        required: true
+      GIT_ADMIN_USERNAME:
+        required: true
+      GIT_ADMIN_TOKEN:
+        required: true
+      CP_ENTITLEMENT_KEY:
+        required: true
+      DATABASE_USERNAME:
+        required: true
+      DATABASE_PASSWORD:
+        required: true
+      DATABASE_CERT:
+        required: true
+      DATABASE_URL:
+        required: true
+      CRYPTO_KEY:
+        required: true
+      CRYPTOX_KEY:
+        required: true
+
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  verify:
+    runs-on: ubuntu-latest
+    container: quay.io/cloudnativetoolkit/cli-tools:v1.1
+
+    strategy:
+      matrix:
+        testcase:
+          #comment-out or remove either of the platforms you do not need.  ocp4_latest is IBM Cloud
+          - ${{ inputs.testcase }}
+          # - aws_latest_gitops
+      max-parallel: 1
+      fail-fast: false
+
+    env:
+      HOME: /home/devops
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v1
+
+      - id: variables
+        name: Set up variables
+        env:
+          GIT_ORG: ${{ secrets.GIT_ORG }}
+          AWS_CLUSTER_USERNAME: ${{ secrets.AWS_CLUSTER_USERNAME }}
+          AWS_CLUSTER_PASSWORD: ${{ secrets.AWS_CLUSTER_PASSWORD }}
+          IBM_CLUSTER_USERNAME: "apikey"
+          IBM_CLUSTER_PASSWORD: ${{ secrets.IBMCLOUD_API_KEY }}
+          ENVIRONMENT: ${{ matrix.testcase }}
+        shell: bash
+        run: |
+          repo=$(echo ${GITHUB_REPOSITORY} | sed -E "s~.*/[^-]+-(.*)~\1-${{matrix.testcase}}~g" | sed 's/_latest_gitops//g')
+          echo "Repo: $repo"
+          echo "::set-output name=repo::$repo"
+
+          org="${GIT_ORG:-cloud-native-toolkit-test}"
+          echo "Org: $org"
+          echo "::set-output name=org::$org"
+
+          if [[ $ENVIRONMENT =~ ^aws ]]; then
+            echo "::set-output name=CLUSTER_USERNAME::$AWS_CLUSTER_USERNAME"
+            echo "::set-output name=CLUSTER_PASSWORD::$AWS_CLUSTER_PASSWORD"
+          else 
+            echo "::set-output name=CLUSTER_USERNAME::$IBM_CLUSTER_USERNAME"
+            echo "::set-output name=CLUSTER_PASSWORD::$IBM_CLUSTER_PASSWORD"
+          fi
+
+      - name: Verify deploy on ${{ matrix.testcase }}
+        uses: cloud-native-toolkit/action-module-verify-deploy@main
+        with:
+          clusterId: ${{ matrix.testcase }}
+          validateDeployScript: .github/scripts/validate-deploy.sh
+        env:
+          TF_VAR_git_username: ${{ secrets.GIT_ADMIN_USERNAME }}
+          TF_VAR_git_token: ${{ secrets.GIT_ADMIN_TOKEN }}
+          TF_VAR_git_org: ${{ steps.variables.outputs.org }}
+          TF_VAR_git_repo: ${{ steps.variables.outputs.repo }}
+          TF_VAR_bootstrap_prefix: ${{ steps.variables.outputs.repo }}
+          TF_VAR_cp_entitlement_key: ${{ secrets.CP_ENTITLEMENT_KEY }}
+          TF_VAR_cluster_username: ${{ steps.variables.outputs.CLUSTER_USERNAME }}
+          TF_VAR_cluster_password: ${{ steps.variables.outputs.CLUSTER_PASSWORD }}
+          TF_VAR_ibmcloud_api_key: ${{ secrets.IBMCLOUD_API_KEY }}
+          TF_VAR_database_username: ${{ secrets.DATABASE_USERNAME }}
+          TF_VAR_database_password: ${{ secrets.DATABASE_PASSWORD }}
+          TF_VAR_database_cert: ${{ secrets.DATABASE_CERT }}
+          TF_VAR_database_url: ${{ secrets.DATABASE_URL }}
+          TF_VAR_database_crypto_key: ${{ secrets.CRYPTO_KEY }}
+          TF_VAR_database_cryptox_key: ${{ secrets.CRYPTOX_KEY }}
+
+      - name: Verify destroy on ${{ matrix.testcase }}
+        uses: cloud-native-toolkit/action-module-verify-destroy@main
+        if: ${{ always() && inputs.skipDestroy != 'true' }}
+        with:
+          clusterId: ${{ matrix.testcase }}
+        env:
+          TF_VAR_git_username: ${{ secrets.GIT_ADMIN_USERNAME }}
+          TF_VAR_git_token: ${{ secrets.GIT_ADMIN_TOKEN }}
+          TF_VAR_git_org: ${{ steps.variables.outputs.org }}
+          TF_VAR_git_repo: ${{ steps.variables.outputs.repo }}
+          TF_VAR_bootstrap_prefix: ${{ steps.variables.outputs.repo }}
+          TF_VAR_cp_entitlement_key: ${{ secrets.CP_ENTITLEMENT_KEY }}
+          TF_VAR_cluster_username: ${{ steps.variables.outputs.CLUSTER_USERNAME }}
+          TF_VAR_cluster_password: ${{ steps.variables.outputs.CLUSTER_PASSWORD }}
+          TF_VAR_ibmcloud_api_key: ${{ secrets.IBMCLOUD_API_KEY }}
+          TF_VAR_database_username: ${{ secrets.DATABASE_USERNAME }}
+          TF_VAR_database_password: ${{ secrets.DATABASE_PASSWORD }}
+          TF_VAR_database_cert: ${{ secrets.DATABASE_CERT }}
+          TF_VAR_database_url: ${{ secrets.DATABASE_URL }}
+          TF_VAR_database_crypto_key: ${{ secrets.CRYPTO_KEY }}
+          TF_VAR_database_cryptox_key: ${{ secrets.CRYPTOX_KEY }}

.github/workflows/verify.yaml

@@ -10,9 +10,10 @@ on:
 jobs:
   verify:
     if: ${{ !contains( github.event.pull_request.labels.*.name, 'skip ci' ) }}
-    uses: cloud-native-toolkit/action-workflows/.github/workflows/verify-gitops-module.yaml@v1
+    #uses: cloud-native-toolkit/action-workflows/.github/workflows/verify-gitops-module.yaml@v1
+    uses: ./.github/workflows/verify-workflow.yaml
     with:
-      testcase: ocp4_latest_gitops
+      testcase: ocp4_latest_gitops_maximo
     secrets:
       GIT_ORG: ${{ secrets.GIT_ORG }}
       AWS_CLUSTER_USERNAME: ${{ secrets.AWS_CLUSTER_USERNAME }}
@@ -21,6 +22,12 @@ jobs:
       GIT_ADMIN_USERNAME: ${{ secrets.GIT_ADMIN_USERNAME }}
       GIT_ADMIN_TOKEN: ${{ secrets.GIT_ADMIN_TOKEN }}
       CP_ENTITLEMENT_KEY: ${{ secrets.CP_ENTITLEMENT_KEY }}
+      DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }}
+      DATABASE_USERNAME: ${{ secrets.DATABASE_USERNAME }}
+      DATABASE_CERT: ${{ secrets.DATABASE_CERT }}
+      DATABASE_URL: ${{ secrets.DATABASE_URL }}
+      CRYPTO_KEY: ${{ secrets.CRYPTO_KEY }}
+      CRYPTOX_KEY: ${{ secrets.CRYPTOX_KEY }}
 
   verifyMetadata:
     uses: cloud-native-toolkit/action-workflows/.github/workflows/verify-module-metadata.yaml@v1
@@ -29,4 +36,5 @@ jobs:
     needs: [verify, verifyMetadata]
     uses: cloud-native-toolkit/action-workflows/.github/workflows/release-module.yaml@v1
     secrets:
-      TOKEN: ${{ secrets.TOKEN }}
+      TOKEN: ${{ secrets.TOKEN }}  
+

.gitignore

@@ -3,3 +3,4 @@
 terraform.tfstate
 terraform.tfstate.backup
 .terraform/
+.vscode